An Indian national named Kandula Nagaraju has been sentenced to two years and eight months in jail in Singapore for hacking into his former employer's computer systems and causing a significant financial loss.
Kandula, 39, worked at Singapore's National Computer Systems (NCS) until he was fired in October 2022 for mediocre performance. Feeling "upset" and "confused" by his termination, he used his administrator login credentials to gain unauthorized access to National Computer Systems quality assurance (QA) computer system several times between January 6 and January 17, 2023.
In March 2023, he took things further by running a script that deleted 180 virtual servers, causing a loss of about SGD 918,000 (approximately Rs 5.6 crore). This QA system was used to test new software and programs, so the deletion caused substantial disruption, even though it contained no sensitive information.
National Computer Systems discovered the problem on March 20, 2023, when the system became inaccessible. Internal investigations traced the unauthorized access to several IP addresses, resulting in a police report on April 11, 2023. The police seized Kandula's laptop and found the script used to delete the servers.
Investigations showed that Kandula had searched Google for scripts to erase virtual servers and then used them to write his deletion script. Despite knowing he was no longer authorized to access the system, he continued to do so, causing severe damage to NCS.
Kandula was part of a 20-member team managing the QA system at NCS from November 2021 to October 2022. This system, consisting of 180 virtual servers, was used to test new software and programs before their launch. According to court documents, Kandula felt he had "made good contributions" to NCS and was confused and upset when he was fired.
After losing his job at NCS, Kandula returned to India. However, he continued to access the NCS system remotely using his laptop. He returned to Singapore in February 2023 after finding a new job and staying with a former NCS colleague. He used his colleague's Wi-Fi network to access the NCS system once more on February 23, 2023.
During January and February, he wrote and tested scripts to see if they could delete the servers. In March 2023, he accessed the system 13 more times and eventually ran the script that erased the servers. The next day, the NCS team discovered that the system was inaccessible and, after troubleshooting, realized the servers had been deleted.
You might also be interested in - 1 dead, more than 70 injured during extreme turbulence of Singapore Airlines flight